Skip to content

Instantly share code, notes, and snippets.

View Rajchowdhury420's full-sized avatar
💻
just another learner

Raj Chowdhury Rajchowdhury420

💻
just another learner
  • syf
  • ::1
  • 14:25 (UTC -12:00)
View GitHub Profile
"terminal.integrated.profiles.windows":{"Git Bash":{"path":"C:\\Program Files\\Git\\bin\\bash.exe"}, },
"terminal.integrated.defaultProfile.windows": "Git Bash"
https://fzl-aws.notion.site/Query-Quake-c787bc75ee2d4cda97260b3299eebd1d
metadata:
language: v1-beta
name: "SQL Injection Detection"
author: "mrrootsec"
description: "This Bcheck detects potential SQL Injection vulnerabilities by identifying error messages commonly associated with SQL injections in the response."
tags: "active", "sql-injection"
given request and response then
if {latest.request.body} contains "'" and {latest.response} matches "(?i)(sql syntax.*?error|warning.*?\Wmysql\W|on SQL command|Microsoft OLE DB Provider for SQL Server|Unclosed quotation mark after the character string|'80040e14'|'42000'|'42S22'|'Microsoft Access Driver')" then
report issue:
metadata:
language: v1-beta
name: "Potential SQL Injection Detection (Active)"
author: "mrrootsec"
description: "This Bcheck identifies potential SQL Injection vulnerabilities by detecting single quotes in the request body and common SQL error messages in the response."
tags: "active", "sql-injection"
given request and response then
if {latest.request.body} contains "'" and {latest.response} matches "(?i)(sql syntax.*?error|warning.*?\Wmysql\W|on SQL command|Microsoft OLE DB Provider for SQL Server|Unclosed quotation mark after the character string|'80040e14'|'42000'|'42S22'|'Microsoft Access Driver')" then
report issue:
<?xml version="1.0"?>
<WLANProfile xmlns="http://www.microsoft.com/networking/WLAN/profile/v1">
<name>iPhone</name>
<SSIDConfig>
<SSID>
<hex>6950686F6E65</hex>
<name>iPhone</name>
</SSID>
</SSIDConfig>
<connectionType>ESS</connectionType>
import os
# Set the directory path containing the files
directory_path = '/path/to/your/folder'
# Gather all existing tftpl filenames in the directory to check against json files
existing_tftpls = {file.replace('.tftpl', '') for file in os.listdir(directory_path) if file.endswith('.tftpl')}
# Iterate through all files in the directory
for filename in os.listdir(directory_path):
import os
import json
# Set the directory path containing the files
directory_path = '/path/to/your/folder'
# Function to recursively replace $ with $$ in specific JSON sections
def replace_in_json(data, skip_replacement=False):
if isinstance(data, dict):
for key, value in data.items():
import os
import json
# Set the directory path containing the files
directory_path = '/path/to/your/folder'
# Function to recursively replace $ with $$ in specific JSON sections
def replace_in_json(data):
if isinstance(data, dict):
for key, value in data.items():
import os
# Set the directory path containing the files
directory_path = '/path/to/your/folder'
# Iterate through all files in the directory
for filename in os.listdir(directory_path):
# Check if the file is a JSON file
if filename.endswith('.json'):
# Construct the corresponding tftpl filename
def find_missing_integer(N, arr):
expected_sum = (N + 1) * (N + 2) // 2
actual_sum = sum(arr)
missing_number = expected_sum - actual_sum
return missing_number
N = 7
arr = [1, 2, 4, 6, 3, 7, 8]